AFCEA offers a wide range of white papers, EBooks, case studies, event videos and analytical content in our Resource Library. These documents may be relevant to your work and of interest to you as a member of the global defense, security and intelligence community. The content updates often so please bookmark this page and come back frequently.
Registration is required to access the documents. This registration information is minimal and is only shared with the sponsor of the specific document you access.
TABLE OF CONTENTS 1. Threats evolution in the cyber-space 2. Situational awareness to face multi-domain threats 3. Cyber situational awareness: Leonardo solution 4. AI to improve human performance and decision-making processes 5. Who we are
Author: Owl Cyber Defense
This document includes an overview of critical infrastructure, the associated cybersecurity challenges including a background on industrial control system (ICS) security, and provides a synthesis of the most recent available guidance to secure critical infrastructure and the various supporting systems within a defense context. It is intended as a best practice primer for the cybersecurity of DoD critical infrastructure, and to provide a basic foundation of accumulated knowledge.
Author: Attivo Networks
The implementation of a comprehensive cybersecurity plan to protect Industrial Automation and Control Systems (IACS), including SCADA, is critical to protecting confidential company information, complying with applicable laws and maintaining safe and reliable operations. A defense-in-depth approach to cybersecurity reduces risk with each effective layer of protection and combines a mix of defense and offense measures for the maximum protection against a breach. The implementation of a Dynamic Deception solution provides the real-time visibility into threats that have by ...
This edition of The Cyber Edge celebrates and recognizes the contributions of women in cybersecurity and STEM. All of the articles in the section were written by women and feature expert opinions on operating in a time where information often can be a weapon.
Despite obvious and compelling needs for ways to measure security, AFCEA's Cyber Committee found that there is no consensus about how to measure security. To the contrary, its members found that the security metrics are all over the map with most organizations admitting in confidential discussions that they are not comfortable with the metrics they are using.
Author: Attivo Networks
The MITRE Corporation Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) Matrix provides a model for cyber
adversary behavior, reflecting various phases of an adversary's lifecycle and the platforms they are known to target. It is designed
to help determine which technologies work or fail, identify gaps to improve security posture and processes, prioritize work on
detecting and deterring techniques, and to evaluate new security technology. ATT&CK is useful for understanding security risk
against known adversary behavior, planning security improv ...
2019 AFCEA Army Signal Conference Solutions Showcase Compendium
Prior to the conference, the U.S. Army identified opportunities for industry to offer potential solutions to problems the service and joint force must address both today and in the near future. The list included cloud and application migration/enterprise/hybrid cloud strategy; data cleansing; total army asset visibility/configuration management; risk management framework optimization; continuous cyber security compliancy monitoring; insider threat, zero trust environment; and protected data.
Author: Intelsat General Corporation
Cyber threats are growing more advanced, with networks constantly under attack from entities in search of critical data to deny transmission or steal information. Intelsat EpicNG delivers reliability, security, performance and the flexibility to keep pace with changing geographic and mission requirements. Intelsat EpicNG's advanced digital payload creates an enhanced environment for battling interference and for mitigating jamming, assuring government organizations have coverage and providing connectivity for any operation. Intelsat EpicNG satellites successfully provid ...
As cybersecurity has become more complex, traditional methods do not account for the wide range of issues related to securing corporate data and handling privacy concerns. New technology, improved processes and broad workforce education are all required for a modern security posture. Adopting a new approach requires cultural change within an organization, but it also requires a diverse set of skills. A new report by CompTIA examines the ways that businesses are building security teams, using internal and external resources, to assemble the expertise needed for security ...
Cybercriminals have long profited by selling stolen financial and personal data. Of late, they've added another alarming technique: encrypting an organization's data where it's stored and demanding payment for the recovery key.
This type of cyberattack, called ransomware, is rising: One study indicates that a business is attacked every 40 seconds. The public sector is a target for ransomware because small agencies, local governments and educational institutions are less likely to have strong security measures and full data backups.
Many are also working w ...
For a computing paradigm, "Resilience is the ability to provide and maintain an acceptable level of service in the face of faults and challenges to normal operation". Resilience is related to survivability, which builds on the disciplines of security, fault tolerance, safety, reliability, and performance. This paper focuses on cyber security approaches to achieve cyber resilience when developing technologies, systems, networks, and platforms.
The cyber domain is like any other military or intelligence theater of operations: Success requires highly skilled, well-trained and experienced professionals.
Technology in the form of advanced systems, tools and software are indispensable, and staying ahead of adversaries requires constant innovation. But just like any weapons system, ordnance or strategic plan, the best technology is of limited value without the people to make it work at its highest level. We recruit and train pilots for new generations of aircraft; we must do the same for cyber warriors.
As part of TechNet Augusta 2018, the U.S. Army identified 11 areas as opportunities for the private sector to share potential solutions for the problems the service faces in the cyber electromagnetic activities arena. The association reached out to industry and received more than 40 potential solutions from a range of innovators with technical and thought-provoking approaches to addressing difficult problems. Read how entrepreneurs, pioneers and large companies recommend the Army solve some of their biggest challenges.
Author: Belkin International
Foreign nations, terrorists, and cyber criminals see state and local government IT infrastructure as an extremely attractive target for data theft, attacks, and disruption. Attacks have taken down entire systems, destroyed valuable equipment, and left many government agencies repeatedly vulnerable in countries throughout the world. To combat threats, Federal agencies are looking for ways to enable employee productivity while ensuring air-tight seals between networks, protecting from both internal and external threats. Keyboard-Video-Mouse (KVM) switching devices can ass ...
According to the World Economic Forum, a majority of business leaders indicated that cyberattacks are their top concern heading into 2018. For many organizations, there needs to be an important shift in mindset: Security can no longer be thought of as a technical problem with a technical solution; it must be treated as a critical business concern.
The modern world takes place in a largely digital space. Underneath the physical assets that drive our businesses are mountains of data and personal information. The digitizing of information has had a major impact on the business world, creating large, complicated systems. At the foundation of it all is the ability to create a secure network infrastructure; without proper security measures and controls in place, it is impossible for an organization to move forward with confidence. Security is at the foundation of an organization's ability to provide reliable, scalable ...
This white paper provides recommendations on the applications of big data analytics and data science generally to the cybersecurity domain. It examines ways in which big data can be used to improve predictive analytics and to detect anomalous behavior that may be indicative of cybersecurity problems such as exploits or attacks. This paper also
examines the special challenges the security of big data environments
pose given the enhanced value of information that is made part of and subject to analysis within such environments. In addition, it discusses the implica ...
Your approach to vulnerability management may be putting your organization at greater risk. Just dealing with vulnerabilities that a vendor said were "critical" isn't enough and may still leave you susceptible to an attack. Attackers are embracing ransomware and other forms of distributed cybercrime made readily available as packaged exploit kits and services on the dark web. These attacker tools target low-hanging
fruit by exploiting a surprisingly small number of vulnerabilities, many of which wouldn't be tagged as a high priority in a purely vulnerability-centric ...
The DoD faces the ever-changing, diverse environment of cyber operations at the tactical edge where agile, easy-to-use, effective, and resilient IT infrastructure is paramount to success. To ensure information dominance and operational agility in the battlefield, the modern Warfighter requires innovative, lightweight, purpose-built infrastructure that supports mission-critical applications with rapid deployment, high availability, linear scaling and secure operations. Deploying such enterprise-grade data center solutions to the tactical edge with minimal physical footpr ...
Author: IT Cadre
Businesses, government agencies, military units, and academic institutions are more effective and productive today than they were 30 years ago because of the opportunities and efficiencies gained in a networked world. However, this improved productivity comes with new risk. For many organizations, information is the most valuable asset they possess. Their existence is tied to their ability to both use and protect this vital information. Protecting that information has to span the complex environments of corporate owned storage networks, individual workstations, cloud se ...